Photo of Phil Bradley-Schmieg

Philippe Bradley-Schmieg’s practice covers a range of commercial, regulatory and intellectual property matters affecting the IT, e-health, internet media and telecoms sectors, often with a multi-jurisdictional scope.  He advises on intellectual property, compliance and policy matters such as online consumer rights, liability for third party content, patent, copyright and database right licensing, privacy and data protection, medical confidentiality, cybersecurity, data breach responses, and law enforcement data disclosure.  Mr. Bradley-Schmieg advises on UK, EU and international law, and has worked in London and Brussels.

This article was originally published on our sister blog InsidePrivacy

May 2015 saw a number of developments in the EU mHealth sector worthy of a brief mention.  The European Commission announced that it would work on new guidance for mHealth apps, despite the European Data Protection Supervisor and British Standards Institution publishing their own just weeks earlier.  In parallel, the French data protection authority announced a possible crackdown on mHealth app non-compliance with European data protection legislation.  This post briefly summarizes these developments.
Continue Reading May 2015 EU mHealth Round-Up

 This post originally appeared on our sister blog, Covington eHealth.

The European Commission has finally published its summary of 211 responses to its mobile health (“mHealth”) consultation. The summary and original responses to the consultation have been made available on the Commission’s website at https://ec.europa.eu/digital-agenda/en/news/summary-report-public-consultation-green-paper-mobile-health
Continue Reading Summary Report of European Commission’s mHealth Consultation Published

 This post originally appeared on our sister blog, InsideMedicalDevices.

The UK Information Commissioner’s Office (ICO) has launched an informal survey of current practices relating to the use of data-enabled medical devices and apps.

The short and anonymous survey explores whether organisations have put in place specific policies and procedures, asset registers, IT security requirements for medical device procurement policies, information governance and incident response processes, and an “end of life” policy for defunct/decommissioned devices.
Continue Reading UK Data Protection Regulator Surveys Use Of Smart Medical Devices

The health sector handles substantial quantities of personal information, including information that is deemed to be “sensitive” under European data protection regimes.  For that reason, health care providers sometimes question their ability to take advantage of increasingly popular e-health cloud services.  While EU lawmakers are contemplating a “European Privacy Seal” – which could, if done properly, be useful for would-be cloud customers to assess the robustness of a cloud provider’s data protection measures – a leaked EU Council document revealed that discussions over the scheme are floundering.  We therefore learnt with interest from our colleagues at the InsidePrivacy blog that the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC) jointly adopted a new standard this summer governing the processing of personal data in the cloud — ISO/IEC 27018 (“ISO 27018”).
Continue Reading E-Health Take Note: Standards Published For Personal Data In The Cloud